package com.ruoyi.dora.web.config;


import com.ruoyi.dora.web.realm.UserRealm;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.SessionsSecurityManager;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

/**
 * @author rubble
 */
@Configuration
@ConditionalOnProperty(
    name = {"ruoyi.dora.shiro.config.enabled"},
    matchIfMissing = true
)
public class ShiroConfiguration {




//  @Autowired
//  private UserRealm userRealm;
//
//  @Autowired
//  private CredentialsMatcher credentialsMatcher;

  @Bean
  public UserRealm userRealm() {
    UserRealm userRealm = new UserRealm();
    userRealm.setCredentialsMatcher(credentialsMatcher());
    return userRealm;
  }

  @Bean
  public ShiroFilterChainDefinition shiroFilterChainDefinition() {
    DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition();
    chainDefinition.addPathDefinition("/static/**", "anon");
    chainDefinition.addPathDefinition("/ajax/**", "anon");
    chainDefinition.addPathDefinition("/css/**", "anon");
    chainDefinition.addPathDefinition("/file/**", "anon");
    chainDefinition.addPathDefinition("/fonts/**", "anon");
    chainDefinition.addPathDefinition("/html/**", "anon");
    chainDefinition.addPathDefinition("/i18n/**", "anon");
    chainDefinition.addPathDefinition("/img/**", "anon");
    chainDefinition.addPathDefinition("/js/**", "anon");
    chainDefinition.addPathDefinition("/ruoyi/**", "anon");
    chainDefinition.addPathDefinition("/login", "anon");
    chainDefinition.addPathDefinition("/captcha", "anon");
    chainDefinition.addPathDefinition("/logout", "anon");
    chainDefinition.addPathDefinition("/ruoyi.png", "anon");
    chainDefinition.addPathDefinition("/favicon.ico", "anon");
    chainDefinition.addPathDefinition("/layuiadmin/**", "anon");
    chainDefinition.addPathDefinition("/druid/**", "anon");
    chainDefinition.addPathDefinition("/api/**", "anon");
    chainDefinition.addPathDefinition("/**", "authc");
    return chainDefinition;
  }

  @Bean
  public HashedCredentialsMatcher credentialsMatcher() {
    HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
    // Md5Hash.ALGORITHM_NAME
    credentialsMatcher.setHashAlgorithmName("SHA-256");
    credentialsMatcher.setStoredCredentialsHexEncoded(false);
    credentialsMatcher.setHashIterations(1024);

    return credentialsMatcher;
  }

  @Bean
  public SessionsSecurityManager securityManager() {
    DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
    securityManager.setRealm(userRealm());

    return securityManager;
  }
}